[Snort-devel] now a crash in spp_tcp_stream3
eugene at ...223...
Tue May 15 13:28:13 EDT 2001
values 0x16 and 0x22 mean that you are dereferencing a NULL/invalid pointer
On Tue, May 15, 2001 at 12:09:54PM -0500, Steve Halligan wrote:
> I got it again, the number is 1441792 (oddly that is 0x160000)
> > > The saga continues, I still have it sitting in gdb if anyone
> > > needs more
> > > data.
> > > CVS from 30 min ago:
> > > Program received signal SIGSEGV, Segmentation fault.
> > > TcpStream3FillBuffer (sptr=0x5a5800, buf=0x5b103c "",
> > > psize=20000, server=1)
> > > at spp_tcp_stream3.c:1391
> > > 1391 first_seq = pdata->seq;
> > >
> > It appears to me that something nasty is getting in
> > sptr->s_data->seq. This
> > seg fault happens when server=1 so pdata=sptr->s_data. If I print
> > sptr->s_data->seq after the crash it has been an unusually low value
> > (14????? (I forget the actual number), and 22 in another case). Any
> > thoughts?
> > -Steve
More information about the Snort-devel